Apple has issued a new alert for iPhone users following a recent cyberattack affecting over a billion devices. The hackers are using various tricks, including impersonating Apple employees, to get personal information such as passwords, security codes, and financial details.
The company urged iPhone users to be wary of phishing emails that attempt to steal information or money, fake pop-up ads, deceptive offers, unexpected calendar invites, and phone calls that are scams. It emphasized that its support team never directs users to sign in via a website link. It also does not request passwords or two-factor authentication codes.
Apple said, “If someone claiming to be from Apple asks you for any of the above, they are a scammer engaging in a social engineering attack. Hang up the call or otherwise terminate contact with them.”
Two-factor authentication for added security to guard against cyberattacks
For added security, iPhone owners should activate two-factor authentication if they haven’t already. This setup requires a password and a six-digit code for accessing personal accounts from a different device.
Apple advises users to be wary of calls that appear to come from a legitimate number but are actually from scammers trying to steal personal information. These callers may try to build trust by mentioning details such as your home address, workplace, or even your social security number.
Apple has cautioned that spoofing calls often create a sense of urgency to prevent one from taking time to think or contacting Apple directly. For instance, scammers might claim that while you’re free to call Apple back, fraudulent activities will continue.
#BREAKING: Cyberattack Targets Apple ID Users A widespread cyberattack targeting Apple ID users has prompted an urgent warning to all 1.46 billion iPhone users. Cybercriminals are using SMS phishing tactics, posing as Apple, to trick recipients into clicking links for… pic.twitter.com/qdK2oJA5e5
Apple’s support page warns that scammers may also ask iPhone users to disable security features such as two-factor authentication or Stolen Device Protection.
“They will claim that this is necessary to help stop an attack or to allow you to regain control of your account,” the Apple spokesperson said. “However, they are trying to trick you into lowering your security so they can carry out their own attack.”
Apple’s guidelines for iPhone users if you receive a scam message or call
To avoid falling victim, Apple advises users to watch out for signs of fraudulent emails and messages. Start by checking if the sender’s email or phone number matches the company’s official details. Verify if the email address used differs from the official Apple one.
Additionally, scrutinize links in messages to ensure they lead to Apple’s official website. Compare the message with others you’ve received from Apple to determine if it looks suspicious or requests sensitive information such as passwords or credit card numbers.
If you receive a suspicious call, it’s crucial to hang up immediately and contact Apple directly to verify any notifications. Alternatively, users are urged to report scam calls to the US Federal Trade Commission or local law enforcement agencies.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.